Robert Jaques,
vnunet.com 18 Oct 2006
Security experts have detected a malicious Trojan downloader being distributed in spoofed email messages claiming to be from
Microsoft.
The email appears to come from
support@microsoft.com, and offers a link to download Release Candidate 1 of Microsoft Internet Explorer 7.
Clicking on the link provided in the bogus email launches a maliciously crafted web site that looks very similar to a legitimate Microsoft page.
However, security firm
SurfControl warned that the website installs a Trojan via a browser exploit targeted at Internet Explorer and effectively creates a backdoor on infected systems.
"This threat takes advantage of the release of
Internet Explorer 7 Release Candidate 1 by Microsoft last week," SurfControl warned.